slack-gif-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No malicious patterns or security vulnerabilities were identified in the provided source files. The skill is dedicated to programmatic image generation.
- Data Exfiltration (SAFE): The skill does not perform any network operations (
requests,curl, etc.) or access sensitive system paths. File operations are limited to saving the generated GIF to a local path. - Prompt Injection (LOW): The skill handles user-provided text and emoji strings for rendering purposes. While this constitutes an injection surface for visual content, the skill does not use this data to influence agent behavior or bypass safety filters, and it lacks the system-level permissions required for high-impact attacks.
- Remote Code Execution (SAFE): No remote code execution vectors, such as
eval(),exec(), or piped shell commands, were found. The skill relies on well-known, trusted Python packages for image manipulation. - Dependency Analysis (SAFE): The dependencies listed in
requirements.txt(pillow, imageio, numpy) are standard, reputable libraries in the Python ecosystem and do not pose a security risk in this context.
Audit Metadata